Solution

Vendor Status

References

JPCERT/CC Addendum

Note that the firmware version 1.05e1-2.0.5 released on October 28, 2014 did not address the vulnerability. The vulernability has been addressed in the firmware version 1.05f-2.0.7 released on July 2, 2014. For more information, refer to the developer's website.

Vulnerability Analysis by JPCERT/CC

Analyzed on 2013.10.29

Measures

Conditions

Severity

Access Required

can be attacked over the Internet using packets

High

Authentication

login caused to be created by an administrator

Low-Mid

User Interaction Required

the user must be convinced to take a standard action that does not feel harmful to most users, such as click on a link or view a file